Penetration Testing mailing list archives
Re: pen-test on a windows 2003 server box whit MS-SQL and Terminal Services
From: "Hugo Vinicius Garcia Razera" <hviniciusg () gmail com>
Date: Fri, 10 Jun 2005 08:21:45 -0400
Hello gentlemen: I would like to tanks every one that answered my last post. The help was greatly appreciated. Hugo -----Mensaje original----- De: Tomasz Piotr Palarz [mailto:tpalar1 () uic edu] Enviado el: Jueves, 09 de Junio de 2005 02:09 p.m. Para: Hugo Vinicius Garcia Razera CC: pen-test () securityfocus com Asunto: Re: pen-test on a windows 2003 server box whit MS-SQL and Terminal Services If somebody mentioned this and I missed it, sorry. Nmap has version scanning that seems to work pretty well, at least for the box running sendmail and apache that I tried it on. Don't know about mssql, though. http://www.insecure.org/nmap/versionscan.html Just 2c from and "aspiring" security professional. -- Tomasz Piotr Palarz Computer Science Undergraduate University of Illinois at Chicago On Tue, 7 Jun 2005, Hugo Vinicius Garcia Razera wrote:
Hi every one, I'm doing a pen test on a client, and have found that he have a windows 2003 server box on one segment of his public addresses this is his dns/web/mail server: - mssql :1433 - terminal services :3389 - iis 6 :80 - smtp :25 - pop3 :110 - dns : 53 - ftp : filtered ports opened, i logged on the terminal services port whit the winxp remote desktop utility and it connects perfectly. i tried a dictionari atack on mssql server whit the "sa" account and others user names i collected. Hydra from THC was the tool, but no succes on this atack. also tried the tsgrinder for terminal services , but no success. well here come some questions: - What others Usernames should i try for sql and terminal services? i tried whit "sa" for sql and "Administrator" for TS - Any one knows how could i identify what version of sql server is
running.
- What other services of this host can be exploited? any comments, ideas, suggestions would be greatly appreciated. Hugo Vinicius Garcia Razera
Current thread:
- pen-test on a windows 2003 server box whit MS-SQL and Terminal Services Hugo Vinicius Garcia Razera (Jun 07)
- Re: pen-test on a windows 2003 server box whit MS-SQL and Terminal Services Kevin Reiter (Jun 07)
- Re: pen-test on a windows 2003 server box whit MS-SQL and Terminal Services Aaron Oh (Jun 07)
- Re: pen-test on a windows 2003 server box whit MS-SQL and Terminal Services Chip Andrews (Jun 07)
- Re: pen-test on a windows 2003 server box whit MS-SQL and Terminal Services Andres Riancho (Jun 07)
- Injecting commands into a mainframe through a servlet Frederic Charpentier (Jun 08)
- RE: Injecting commands into a mainframe through a servlet Jason Muskat (Jun 08)
- RE: pen-test on a windows 2003 server box whit MS-SQL and Terminal Services Leandro Reox (Jun 09)
- Injecting commands into a mainframe through a servlet Frederic Charpentier (Jun 08)
- Re: pen-test on a windows 2003 server box whit MS-SQL and Terminal Services Tomasz Piotr Palarz (Jun 09)
- Re: pen-test on a windows 2003 server box whit MS-SQL and Terminal Services Hugo Vinicius Garcia Razera (Jun 10)
- <Possible follow-ups>
- RE: pen-test on a windows 2003 server box whit MS-SQL and Terminal Services Geoff Varosky (Jun 07)
- Re: pen-test on a windows 2003 server box whit MS-SQL and Terminal Services mike king (Jun 07)
- RE: pen-test on a windows 2003 server box whit MS-SQL and Terminal Services Erik Pace Birkholz (Jun 09)
- RE: pen-test on a windows 2003 server box whit MS-SQL and Terminal Services DUBRAWSKY, IDO (CALLISMA) (Jun 09)
- Message not available
- SQL injection Faisal Khan (Jun 09)
- Re: SQL injection Joel Esler (Jun 09)
- Re: SQL injection ilaiy (Jun 09)
- Re: SQL injection Christian Martorella (Jun 09)
- Re: SQL injection Richard Barrell (Jun 09)
- Re: SQL injection Faisal Khan (Jun 09)
- Message not available